EASM mistakes waiting to happen
JR0ch17
January 25, 2022
Transcript
EASM mistakes waiting to happen
GET /whoami HTTP/2
Jasmin Landry
JR0ch17
Lead, IT & Security at
Montreal Canadiens fan

GET /agenda HTTP/2
EASM
Common mistakes
Hacker perspective

GET /EASM HTTP/2
What exactly is EASM?
What does it cover?
Why is it important?

GET /common_mistakes HTTP/2
Lack of Change Management
Not respecting Least Privilege
Misconfigured WAFs
Cloud misconfigs (S3 buckets)

GET /hacker_perspective HTTP/2
Recon EVERYTHING
• Subdomains
• IPs
• TLS certificates
• Third-party apps
Continuous Monitoring
• Monitor for new assets
• Monitor any change

GET /thanks HTTP/2
Thank you for listening
Questions?
More questions? DMs are open on and